Ghostor: Toward a Secure Data-Sharing System from Decentralized Trust

Sam Kumar and Yuncong Hu and Raluca Ada Popa

EECS Department, University of California, Berkeley

Technical Report No. UCB/EECS-2020-107

May 29, 2020

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2020/EECS-2020-107.pdf

Data-sharing systems are often used to store sensitive data. Both academia and industry have proposed numerous solutions to protect user privacy and data integrity from a compromised server. Practical state-of-the-art solutions, however, use weak threat models based on centralized trust—they assume that part of the server will remain uncompromised, or that the adversary will not perform active attacks. We propose Ghostor, a data-sharing system that, using only decentralized trust, (1) hides user identities from the server, and (2) allows users to detect server-side integrity violations. To achieve (1), Ghostor avoids keeping any per-user state at the server, requiring us to redesign the system to avoid common paradigms like per-user authentication and user-specific mailboxes. To achieve (2), Ghostor develops a technique called verifiable anonymous history. Ghostor leverages a blockchain rarely, publishing only a single hash to the blockchain for the entire system once every epoch. We measured that Ghostor incurs a 4–5x throughput overhead compared to an insecure baseline. Although significant, Ghostor's overhead may be worth it for security- and privacy-sensitive applications.

Advisors: David Culler and Raluca Ada Popa


BibTeX citation:

@mastersthesis{Kumar:EECS-2020-107,
    Author= {Kumar, Sam and Hu, Yuncong and Popa, Raluca Ada},
    Title= {Ghostor: Toward a Secure Data-Sharing System from Decentralized Trust},
    School= {EECS Department, University of California, Berkeley},
    Year= {2020},
    Month= {May},
    Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2020/EECS-2020-107.html},
    Number= {UCB/EECS-2020-107},
    Abstract= {Data-sharing systems are often used to store sensitive data. Both academia and industry have proposed numerous solutions to protect user privacy and data integrity from a compromised server. Practical state-of-the-art solutions, however, use weak threat models based on \emph{centralized trust}---they assume that part of the server will remain uncompromised, or that the adversary will not perform active attacks. We propose Ghostor, a data-sharing system that, using only \emph{decentralized trust}, (1) hides user identities from the server, and (2) allows users to detect server-side integrity violations. To achieve (1), Ghostor avoids keeping any per-user state at the server, requiring us to redesign the system to avoid common paradigms like per-user authentication and user-specific mailboxes. To achieve (2), Ghostor develops a technique called \emph{verifiable anonymous history}. Ghostor leverages a blockchain \emph{rarely}, publishing only a single hash to the blockchain \emph{for the entire system} once every epoch. We measured that Ghostor incurs a 4--5x throughput overhead compared to an insecure baseline. Although significant, Ghostor's overhead may be worth it for security- and privacy-sensitive applications.},
}

EndNote citation:

%0 Thesis
%A Kumar, Sam
%A Hu, Yuncong
%A Popa, Raluca Ada
%T Ghostor: Toward a Secure Data-Sharing System from Decentralized Trust
%I EECS Department, University of California, Berkeley
%D 2020
%8 May 29
%@ UCB/EECS-2020-107
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2020/EECS-2020-107.html
%F Kumar:EECS-2020-107